Mozilla Network Security Services (NSS) versions 3.12.2 and prior contain an issue that could allow an unauthenticated, remote attacker to present a malicious digital certificate that a user's browser could accept as valid.

The issue exists because browsers that use NSS will accept a digital certificate that is built using the MD2 hashing algorithm, which has been proven to be insecure. An unauthenticated, remote attacker could exploit this issue by creating a malicious digital signature using an MD2 hashing algorithm. A browser that uses NSS could accept the certificate as legitimate. An exploit could allow other attacks to occur, such as a man-in-the-middle attack.

VeriSign and possibly other vendors have in the past signed root certificates with an MD2 hashing algorithm. While the MD2 hashing algorithm has been proven to be insecure, this only means that computers are getting powerful enough to take advantage of collisions in the MD2 scheme. These collisions could allow an attacker to create a malicious digital signature that would be accepted as valid by any client software, such as a browser, that will accept a certificate signed with an MD2 hashing algorithm. VeriSign took action on May 17, 2009, to remove any of its root certificates that were signed with the MD2 hashing algorithm. The MD2 signature was replaced with a SHA-1 signature, which is considered robust at this time.

Mozilla has confirmed this issue and released updated software.

Patches/Software

Mozilla has issued release notes at the following link: NSS 3.12.3. Mozilla has released updated software at the following link: NSS 3.12.3

MontaVista Software has re-released a security alert for registered users on January 6, 2010, at the following link: MontaVista Security Fixes. MontaVista Software has released updated software at the following links:

vMA 4.0

vMA 4.0 can be updated to Patch 3 using the sudo /usr/sbin/vima-update update command.

Impact

An unauthenticated, remote attacker could exploit this issue to present a malicious digital certificate that a user's browser could accept as valid. The attacker could take advantage of this issue as a part of other attacks, such as a man-in-the-middle attack.

Safeguards

Administrators are advised to apply the appropriate updates.

Users are advised not to open e-mail messages from suspicious or unrecognized sources. If users cannot verify that links or attachments included in e-mail messages are safe, they are advised not to open them.

Users are advised not to visit websites or follow links that have suspicious characteristics or cannot be verified as safe.

Version 1, July 31, 2009, 4:40 PM: Mozilla Network Security Services contains an issue that could allow an unauthenticated, remote attacker to present a malicious digital certificate that a user's browser could accept as valid. Updates are available.
